Etsi stylesheet (V 0)
Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yüklə 1,91 Mb.
|
- Bu səhifədəki naviqasiya:
- 7.4 Northbound APIs Security for SCEF - SCS/AS Interworking (NAPS_Sec) (Rel-15)
- 7.5 Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
- 7.6.2 IP Multimedia Subsystem (IMS) Security
- 7.6.3 Network Domain Security (NDS)
- 7.6.4 UTRAN Network Access Security
- 7.6.10 Security Aspects of Isolated E-UTRAN Operation for Public Safety (IOPS)
- 7.6.14 New GPRS algorithms for EASE (EASE_ALGOs_SA3)
- 7.6.17 Security aspect of architecture enhancements for LTE support of V2X services (V2XLTE-Sec)
- 7.6.19 Other work items
- 7.8 Documents on joint meeting with SA6 regarding eMCSec
7.3 Mission Critical Security Enhancements (eMCSec) (Rel-15)S3-180038 LS on Removal of 'over LTE' limitation from Mission Critical Specifications Type: LS in For: (not specified) Original outgoing LS: -, to -, cc - Source: S1- 174542 Decision: The document was noted. S3-180043 LS on end-to-end encryption for mission critical communications between LMR users and 3GPP MC users Type: LS in For: (not specified) Original outgoing LS: -, to -, cc - Source: S6-171838 Decision: The document was noted. S3-180332 [eMCSEC] Adding Integrity Key for KMS communications Type: CR For: Agreement 33.180 v15.0.0 CR0051 Cat: B (Rel-15) Source: NCSC Decision: The document was agreed. S3-180160 [eMCSec] 33180 R15 Interworking SeGy clarification Type: CR For: Agreement 33.180 v15.0.0 CR0048 Cat: F (Rel-15) Source: Motorola Solutions UK Ltd. Abstract: Clarify SeGy functionality when used in an IWF. Decision: The document was revised to S3-180386. S3-180386 [eMCSec] 33180 R15 Interworking SeGy clarification Type: CR For: Agreement 33.180 v15.0.0 CR0048 rev 1 Cat: F (Rel-15) Source: Motorola Solutions UK Ltd. (Replaces S3-180160) Decision: The document was agreed. S3-180153 [eMCSec] 33180 R15 IWF security Type: CR For: Agreement 33.180 v15.0.0 CR0044 Cat: F (Rel-15) Source: Motorola Solutions UK Ltd. Abstract: Add security for IWF-1, IWF-2 and IWF-3 interfaces. Decision: The document was merged. S3-180229 Document showing the changes to SeGy functionality Type: discussion For: Discussion Source: NCSC Decision: The document was noted. S3-180228 [eMCSEC] Security Gateway clause update and move to annex Type: CR For: Agreement 33.180 v15.0.0 CR0050 Cat: B (Rel-15) Source: NCSC Decision: The document was merged. S3-180226 [eMCSEC] Notifying the use of Security Gateways Type: CR For: Agreement 33.180 v15.0.0 CR0049 Cat: B (Rel-15) Source: NCSC Decision: The document was agreed. S3-180227 [eMCSEC] LS to SA6 on Security Gateway notification Type: LS out For: Approval to SA6 Source: NCSC Decision: The document was revised to S3-180387. S3-180387 [eMCSEC] LS to SA6 on Security Gateway notification Type: LS out For: Approval to SA6 Source: NCSC (Replaces S3-180227) Decision: The document was approved. S3-180156 [eMCSec] 33.180 R15 Interworking media and signaling Type: CR For: Agreement 33.180 v15.0.0 CR0045 Cat: F (Rel-15) Source: Motorola Solutions UK Ltd. Abstract: Add interworking media and signaling protection for MCPTT and MCData. Decision: The document was revised to S3-180376. S3-180376 [eMCSec] 33.180 R15 Interworking media and signaling Type: CR For: Agreement 33.180 v15.0.0 CR0045 rev 1 Cat: F (Rel-15) Source: Motorola Solutions UK Ltd. (Replaces S3-180156) Decision: The document was agreed. S3-180158 [eMCSec] 33180 R15 Interworking key mgmt (InterSD) Type: CR For: Agreement 33.180 v15.0.0 CR0046 Cat: F (Rel-15) Source: Motorola Solutions UK Ltd. Abstract: Add the InterSD agreed method for interworking end-to-end key management. Decision: The document was revised to S3-180413. S3-180413 [eMCSec] 33180 R15 Interworking key mgmt (InterSD) Type: CR For: Agreement 33.180 v15.0.0 CR0046 rev 1 Cat: F (Rel-15) Source: Motorola Solutions UK Ltd. (Replaces S3-180158) Decision: The document was agreed. S3-180159 [eMCSec] 33180 R15 Interworking key mgmt (MCData) Type: CR For: Agreement 33.180 v15.0.0 CR0047 Cat: F (Rel-15) Source: Motorola Solutions UK Ltd. Abstract: Add the MCData agreed method for interworking end-to-end key management. Decision: The document was withdrawn. S3-180163 New WID for MONASTERY security Type: WID new For: Agreement Source: Motorola Solutions UK Ltd. Abstract: WID to add mission critical security for MONASTERY features. Discussion: It was commented whether it was possible to add a new objective in the existing WID instead of a new WID. MCC commented that for tracking-in-3GPP purposes and given that it was a new topic, it was better to have a separate WID. It was pointed out that this was a Rel-15 WID, so the work would be brought for the next Bis meeting as well. Decision: The document was revised to S3-180385. S3-180385 New WID for MONASTERY security Type: WID new For: Agreement Source: Motorola Solutions UK Ltd. (Replaces S3-180163) Decision: The document was agreed. S3-180427 Changes to TS 33.180 from SA3#90 Type: other For: Information Source: NCSC Decision: The document was noted. 7.4 Northbound APIs Security for SCEF - SCS/AS Interworking (NAPS_Sec) (Rel-15)S3-180157 Authorization of SCS/AS to send requests for the 3GPP Network Entity Type: CR For: Approval 33.187 v14.1.0 CR0011 Cat: B (Rel-15) Source: Huawei, Hisilicon Discussion: ORANGE: we cannot adapt to all types of third party networks. You are proposing an authorization mechanism here, not a security procedure. ORANGE wasn't convinced why it is for multiple authorization mechanisms. Keep only the first sentence. We need an authorization mechanism, but which one is not clear. It was clarified that this was a contribution to the draft CR from the previous meeting, so the type had to be changed to "other". It was asked to be minuted that OATH is a good candidate for this. There was no consensus on this so Huawei decided not to pursue this. Decision: The document was not pursued. S3-180459 Exception Sheet NAPS-Sec Type: WI exception request For: Agreement Source: Huawei Decision: The document was withdrawn. 7.5 Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)S3-180207 Scope of CAPIF security Type: pCR For: Approval 33.122 v0.0.0 Source: Huawei, Hisilicon, China Mobile (Replaces S3-180142) Discussion: NEC commented that the scope here was too short and needed more wording. The Vice Chair proposed to accept this and bring more proposals for the next meeting.
(Replaces S3-180307) Decision: The document was approved. S3-180224 Security requirements on the CAPIF-4 reference point Type: pCR For: Approval 33.122 v0.0.0 Source: China Mobile, Huawei Decision: The document was merged. S3-180191 Key issue on topology hiding of the service Type: pCR For: (not specified) 33.122 v0.0.0 Source: China Unicom, China Mobile Decision: The document was merged. S3-180192 ey issue on secure communication between functions in CAPIF Type: pCR For: (not specified) 33.122 v0.0.0 Source: China Unicom, China Mobile Decision: The document was merged. S3-180144 Additional security requirements for 3rd party API provider Type: pCR For: Approval 33.122 v0.0.0 Source: Huawei, Hisilicon Decision: The document was merged. S3-180208 Security requirements on CAPIF entities Type: pCR For: Approval 33.122 v0.0.0 Source: Huawei, Hisilicon, China Mobile (Replaces S3-180143) Decision: The document was merged. S3-180309 Security procedure for CAPIF-1e reference point Type: pCR For: Approval 33.122 v0.0.0 Source: Samsung Decision: The document was approved. S3-180312 Security Procedure for CAPIF-2e reference point Type: pCR For: Agreement 33.122 v0.0.0 Source: Samsung Discussion: NEC: it is strange that there are three methods here, which seems like three options. It was clarified that method one and two are authentication and method three is authorization/authentication. BT: how is the method chosen/ negotiated in the fly? Samsung: this is determined in 392. Nokia: method three is fine but the others need some more refinement. Huawei wasn't convinced with the authorization mechanisms for method one and two, so an editor's note was added to address this.
(Replaces S3-180312) Decision: The document was approved. S3-180314 CAPIF security within PLMN Trust Domain Type: pCR For: Approval 33.122 v0.0.0 Source: Samsung Discussion: NEC: this is in a solution section and we have two requirements. Huawei: the second line is too broad, you cannot mention that the whole TS 33.310 applies; refer to the right clause. China commented that the first sentence wasn't clear enough and needed to be more specific about what exactly is being taken from TS 33.310. MCC agreed with this. Decision: The document was revised to S3-180404. S3-180404 CAPIF security within PLMN Trust Domain Type: pCR For: Approval 33.122 v0.0.0 Source: Samsung (Replaces S3-180314) Decision: The document was approved. S3-180142 Scope of CAPIF security Type: pCR For: Approval 33.122 v0.0.0 Source: Huawei, Hisilicon Decision: The document was revised to S3-180207. S3-180143 Security requirements on CAPIF entities Type: pCR For: Approval 33.122 v0.0.0 Source: Huawei, Hisilicon Decision: The document was revised to S3-180208. S3-180401 Draft TS 33.122 Type: draft TS For: Approval 33.122 v0.1.0 Source: Samsung Decision: The document was approved. 7.6 Other work areas7.6.1 SAE/LTE SecurityS3-180245 Discussion on completing the LTE bidding down procedures Type: discussion For: Discussion Source: Qualcomm Incorporated Decision: The document was noted. 7.6.2 IP Multimedia Subsystem (IMS) SecurityS3-180325 Clarification for TCP connection reuse Type: CR For: Agreement 33.203 v15.0.0 CR0249 Cat: F (Rel-15) Source: Ericsson Limited Decision: The document was revised to S3-180417. S3-180417 Clarification for TCP connection reuse Type: CR For: Agreement 33.203 v15.0.0 CR0249 rev 1 Cat: F (Rel-15) Source: Ericsson Limited (Replaces S3-180325) Decision: The document was agreed. 7.6.3 Network Domain Security (NDS)S3-180262 Clarification need of CMPv2 in TS 33.310 Type: discussion For: Endorsement 33.310 v.. Source: Ericsson Discussion: It was agreed to treat this in the Bis meeting in San Diego. It was commented that it was needed to go back up to Rel-10.
7.6.5 GERAN Network Access Security7.6.6 Generic Authentication Architecture (GAA)7.6.7 Multimedia Broadcast/Multicast Service (MBMS)7.6.8 Security Aspects of Home(e)NodeB (H(e)NB)7.6.9 Security Aspects related to Machine-Type Communication ((e)MTC)S3-180029 Collection of clarifications and editorial changes to BEST TS 33.163 Type: CR For: Approval 33.163 v15.2.0 CR0003 Cat: F (Rel-15) Source: Deutsche Telekom AG Abstract: Upon careful reading and reviews of the BEST TS, several problems and inconsistencies were discovered. The changes in this document attempt to fix them. Discussion: BEST is not part of the agenda of this meeting. Decision: The document was postponed. 7.6.10 Security Aspects of Isolated E-UTRAN Operation for Public Safety (IOPS)7.6.11 Security of MCPTT (MCPTT)7.6.12 Security for Enhancements to Proximity-based Services - Extensions (eProSe-Ext-SA3)7.6.13 Enhanced Access Security for Extended Coverage GSM in relation to Cellular IoT (EASE_EC_GSM)7.6.14 New GPRS algorithms for EASE (EASE_ALGOs_SA3)7.6.15 Support of EAP Re-Authentication Protocol for WLAN Interworking (ERP)7.6.16 Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)S3-180088 Collection of changes based on feedback from GSMA SECAG - CR to 33.117v1 Rel.14 Type: CR For: Agreement 33.117 v14.2.0 CR0004 Cat: F (Rel-14) Source: Nokia Discussion: MCC commented that normative language cannot be used in Notes ("shall", "should"), which are just informative in nature and cannot be used for requirements and recommendations. The content was fine but the distinction of normative/recommendation and informative text had to be worked offline. The editor's note was removed and added to the report as action item: "It is FFS on how details should be added to the SCAS to indicate whether requirements and associated test cases are applicable to all units or boards within a Network Product."
(Replaces S3-180088) Decision: The document was agreed. S3-180089 Collection of changes based on feedback from GSMA SECAG - CR to 33.117v1 Rel.15 Type: CR For: Agreement 33.117 v14.2.0 CR0005 Cat: A (Rel-15) Source: Nokia Discussion: MCC pointed out that this CR wasn't necessary since the latest version of the spec is in Rel-14. Decision: The document was not pursued. S3-180090 Collection of changes based on feedback from GSMA SECAG - CR to 33.916v1 Rel.14 Type: CR For: Agreement 33.916 v14.2.0 CR0004 Cat: F (Rel-14) Source: Nokia Decision: The document was revised to S3-180420. S3-180420 Collection of changes based on feedback from GSMA SECAG - CR to 33.916v1 Rel.14 Type: CR For: Agreement 33.916 v14.2.0 CR0004 rev 1 Cat: F (Rel-14) Source: Nokia (Replaces S3-180090) Decision: The document was agreed. S3-180091 Collection of changes based on feedback from GSMA SECAG - CR to 33.916v1 Rel.15 Type: CR For: Agreement 33.916 v14.2.0 CR0005 Cat: A (Rel-15) Source: Nokia Decision: The document was not pursued. S3-180345 NESAS Pilot Findings and Recommendations to SA3 Type: LS in For: Information Original outgoing LS: -, to -, cc - Source: GSMA SECAG Decision: The document was replied to in S3-180418. S3-180418 Reply to: NESAS Pilot Findings and Recommendations to SA3 Type: LS out For: approval to GSMA SECAG Source: Nokia Decision: The document was approved. 7.6.17 Security aspect of architecture enhancements for LTE support of V2X services (V2XLTE-Sec)7.6.18 Security of the Mission Critical Service (MCSec)S3-180315 LS to CT1 on Protected Payload message type Type: LS out For: Approval to CT1 Source: NCSC Decision: The document was revised to S3-180388. S3-180388 LS to CT1 on Protected Payload message type Type: LS out For: Approval to CT1 Source: NCSC (Replaces S3-180315) Decision: The document was approved. 7.6.19 Other work items7.7 New Work Item proposalsS3-180222 New WID on GBA enhancements for Internet of Things Type: WID new For: Agreement Source: China Mobile, CATR, China Unicom Discussion: Ericsson: it should be a study first and wider in scope, considering discussions in IETF. Qualcomm: in the objectives, which protocols other than HTTP? The Chair commented that the overall opinion seemed that the work should start with a study item first. ORANGE: include 5G in the scope, e.g. SSO in 5G. Nokia: there is no time to have a new study item given the workload with 5G. Vodafone expressed their concerns on study items taking out time for 5G items. BT suggested to handle every normative item in 5G as a priority before heading for study item work. The Chair pointed out that prioritization will serve that purpose and that contributions can be always accepted as a 3GPP working procedure. Gemalto: some study items are essential for future normative work, ORANGE: this should be decided each meeting, not as a general rule. The Chair decided to use prioritization in the next meetings. Vodafone wanted their objection recorded if this issue was commented in SA plenary; they preferred to have study items delayed until August. Ericsson asked to delay this study item for the next meeting in order to have internal discussions about it. There may be several studies in here. There was no agreement and the document was noted and expected to come back for the meeting SA3#91. Decision: The document was noted. S3-180381 New SID on GBA enhancements Type: SID new For: Agreement Source: China Mobile, CATR, China Unicom Decision: The document was withdrawn. S3-180335 New WID for 5G SCAS Type: WID new For: Agreement Source: Huawei, Hisilicon,Ericsson (Replaces S3-180334) Discussion: BT: HSS/UDM is a critical element and it should be considered as well. DT:Consider SBA as well? China Mobile: we have concerns about the network functions, they could be virtualised. Study the virtualisation of network functions first. Huawei commented that the work item should focus on the physical elements and focus on the virtualised aspects in a study item. NTT-Docomo supported the first two objectives. Alex (BT): assume that the network will be partly virtualised at least even in early stages. Nokia preferred a study item, but the consensus was to make it as a work item. Decision: The document was revised to S3-180383. S3-180383 New WID for 5G SCAS Type: WID new For: Agreement Source: Huawei, Hisilicon,Ericsson (Replaces S3-180335) Discussion: Vodafone commented that there isn’t much time to deal with this and that 5G should have preference. Decision: The document was agreed. 7.8 Documents on joint meeting with SA6 regarding eMCSecS3-180382 Presentation for Joint SA3/SA6 meeting Type: other For: Presentation Source: NCSC Discussion: Slide 4: SA6 agreed to the assumptions. InterSD vs SDS: who makes the decision? SA3 or SA6? Motorola solutions: InterSD would seem easier for SA6 according to some informal discussions we've had. Motorola Solutions (SA3): we are OK with this in SA3. It was noted that the InterSD message must be identifiable. SA6 will take care of the documentation and flows of these messages. IWF to the client security would be work for SA3. There are no new reference points so we would use existing ones. It was agreed that service independence aspects should be added. Slide 8: Discreet listening/viewing One SA6 opinion was that this should be considered inRel-16. This was agreed. Police of Netherlands: collection and storage? this is real time. Peter (NCSC): it's SA6 who decides how and when this data is stored. Slide 9: Temporary group call/user regroup SA6 recognises the problem and it needs to be discussed further. Downstream groups face the same issue. T-Dek (SA6): There are two models: Group ID pre-allocated before the group is formed. SA3 mechanisms are based on this model. Temporary group call is based on the case when the Group ID is not pre-allocated, that is part of the SA1 requirements. It's not appropriate to discard this for the security. We need to enhance the procedure, it's not complete. This is SA6 perspective. The SA6 Chair commented that it will be decided whether this will go to Rel-15 or Rel-16. Alan (SA6): it's a deployment decision whether they want to use an unsecure call. Adrian (SA6) supported that. It's an operational deployment choice. Peter (NCSC): the media security is mandatory in 3GPP. It's a requirement that wouldn't be applied in this case. The Chair (SA3) commented that this could be enhanced in Rel-16 but SA6. Motorola (SA6): It was also commented from an SA6 delegate that cat-F CRs could be brought to enhance this. Firstnet (SA6): we are ok with having it in Rel-16. Decision: The document was noted. S3-180402 LMR interworking key management summary Type: other For: Presentation Source: Harris Corporation Decision: The document was noted. Yüklə 1,91 Mb. Dostları ilə paylaş:
|